FreeBSD14.2 ; Postfix ClamAV + Amavis + SpamassAssinでウイルス・スパム対策

FreeBSD 14.2 にClamAVをインストールし、Postfixに対しAmavisで連携させます。
ClamAVはアンチウイルスソフトウェアです。
Postfixをすでに実装しているという前提で進めます。

1. ClamAV

1.1 インストール

# pkg install -y clamav

1	# pkg install -y clamav

各々オプションはとりあえずデフォルトでインストールします

clamavバージョンチェック

# pkg version -v | grep clamav
clamav-1.4.1_2,1                   <   needs updating (index has 1.4.1_4,1)

1 2	# pkg version -v \| grep clamav clamav-1.4.1_2,1 < needs updating (index has 1.4.1_4,1)

1.2 設定ファイル編集

①clamd.conf 編集
ClamAVはrootユーザで実行する

# chmod 640 /usr/local/etc/clamd.conf

# vi /usr/local/etc/clamd.conf
35行目: コメント解除
#LogTime yes
LogTime yes

233行目 : コメントアウトする
User clamav
#User clamav

# chmod 640 /usr/local/etc/clamd.conf

# vi /usr/local/etc/clamd.conf

35行目: コメント解除

#LogTime yes

LogTime yes

233行目 : コメントアウトする

User clamav

#User clamav

➁freshclam.conf 編集
ウイルスのパターンファイルについての設定

# chmod 640 /usr/local/etc/freshclam.conf

# vi /usr/local/etc/freshclam.conf
62行目 : 変更
DatabaseOwner clamav　
　　↓
DatabaseOwner root

78行目 : ミラーサイト変更
#DatabaseMirror database.clamav.net
DatabaseMirror db.jp.clamav.net

121行目 : コメント解除
#Checks 24
Checks 24

# chmod 640 /usr/local/etc/freshclam.conf

# vi /usr/local/etc/freshclam.conf

62行目 : 変更

DatabaseOwner clamav　

　　↓

DatabaseOwner root

78行目 : ミラーサイト変更

#DatabaseMirror database.clamav.net

DatabaseMirror db.jp.clamav.net

121行目 : コメント解除

#Checks 24

Checks 24

1.3 ウイルスデータベース更新

# freshclam
ClamAV update process started at Sun Dec  8 10:08:08 2024
daily database available for download (remote version: 27480)
Time:    2.2s, ETA:    0.0s [========================>]   61.35MiB/61.35MiB
Testing database: '/var/db/clamav/tmp.acb7c3ec44/clamav-cba48d88597028bc3e26efa593949abb.tmp-daily.cvd' ...
Database test passed.
daily.cvd updated (version: 27480, sigs: 2069181, f-level: 90, builder: raynman)
main database available for download (remote version: 62)
Time:    5.2s, ETA:    0.0s [========================>]  162.58MiB/162.58MiB
Testing database: '/var/db/clamav/tmp.acb7c3ec44/clamav-0edf9c47f9d307811cc45c932716367a.tmp-main.cvd' ...
Database test passed.
main.cvd updated (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode database available for download (remote version: 335)
Time:    0.1s, ETA:    0.0s [========================>]  282.94KiB/282.94KiB
Testing database: '/var/db/clamav/tmp.acb7c3ec44/clamav-9fc754056c77ee85bf61e795c03316c3.tmp-bytecode.cvd' ...
Database test passed.
bytecode.cvd updated (version: 335, sigs: 86, f-level: 90, builder: raynman)
WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd.sock: No such file or directory

# freshclam

ClamAV update process started at Sun Dec 8 10:08:08 2024

daily database available for download (remote version: 27480)

Time: 2.2s, ETA: 0.0s [========================>] 61.35MiB/61.35MiB

Testing database: '/var/db/clamav/tmp.acb7c3ec44/clamav-cba48d88597028bc3e26efa593949abb.tmp-daily.cvd' ...

Database test passed.

daily.cvd updated (version: 27480, sigs: 2069181, f-level: 90, builder: raynman)

main database available for download (remote version: 62)

Time: 5.2s, ETA: 0.0s [========================>] 162.58MiB/162.58MiB

Testing database: '/var/db/clamav/tmp.acb7c3ec44/clamav-0edf9c47f9d307811cc45c932716367a.tmp-main.cvd' ...

Database test passed.

main.cvd updated (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)

bytecode database available for download (remote version: 335)

Time: 0.1s, ETA: 0.0s [========================>] 282.94KiB/282.94KiB

Testing database: '/var/db/clamav/tmp.acb7c3ec44/clamav-9fc754056c77ee85bf61e795c03316c3.tmp-bytecode.cvd' ...

Database test passed.

bytecode.cvd updated (version: 335, sigs: 86, f-level: 90, builder: raynman)

WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd.sock: No such file or directory

1.4 ClamAV起動

ClamAVの自動起動設定

# vi /etc/rc.conf
以下を追記
clamav_clamd_enable="YES"
clamav_freshclam_enable="YES"

# vi /etc/rc.conf

以下を追記

clamav_clamd_enable="YES"

clamav_freshclam_enable="YES"

起動する

# /usr/local/etc/rc.d/clamav_clamd start
Starting clamav_clamd.

# /usr/local/etc/rc.d/clamav_freshclam start
Starting clamav_freshclam.

# /usr/local/etc/rc.d/clamav_clamd start

Starting clamav_clamd.

# /usr/local/etc/rc.d/clamav_freshclam start

Starting clamav_freshclam.

1.5 手動ウイルスチェック

手動でウイルスチェックを行う場合は以下を実行(スキャン範囲は /home/)

# clamscan --infected --remove --recursive -r /home
----------- SCAN SUMMARY -----------
Known viruses: 8700973
Engine version: 1.4.1
Scanned directories: 15
Scanned files: 19
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 31.778 sec (0 m 31 s)
Start Date: 2024:12:08 10:28:58
End Date:   2024:12:08 10:29:29

# clamscan --infected --remove --recursive -r /home

----------- SCAN SUMMARY -----------

Known viruses: 8700973

Engine version: 1.4.1

Scanned directories: 15

Scanned files: 19

Infected files: 0

Data scanned: 0.00 MB

Data read: 0.00 MB (ratio 0.00:1)

Time: 31.778 sec (0 m 31 s)

Start Date: 2024:12:08 10:28:58

End Date: 2024:12:08 10:29:29

1.6 自動ウイルススキャン

• スキャン範囲は /home/ とする
• スキャン結果を /var/log/clamav.log に出力
• 検知したウイルスを自動削除
• 毎日実行
上記条件で実行スクリプトを作成する

①ウイルス格納ディレクトリの作成

# mkdir -p /var/lib/clamav/virus

1	# mkdir -p /var/lib/clamav/virus

➁シェルスクリプト作成

# vi /etc/clamscan.sh
下記内容を記述
#!/bin/sh
# clamscan script

CLAMSCAN='/usr/local/bin/clamscan'
echo "clamscan start "`date '+%Y%m%d'`
$CLAMSCAN --log=/var/log/clamav/clamav.log -i --move=/var/lib/clamav/virus/ -r /home

# vi /etc/clamscan.sh

下記内容を記述

#!/bin/sh

# clamscan script

CLAMSCAN='/usr/local/bin/clamscan'

echo "clamscan start "`date '+%Y%m%d'`

$CLAMSCAN --log=/var/log/clamav/clamav.log -i --move=/var/lib/clamav/virus/ -r /home

スクリプトに実行権限を付与

# chmod 755 /etc/clamscan.sh

1	# chmod 755 /etc/clamscan.sh

AM0:00に実行されるようcronに登録

# crontab -e
下記内容記述
0 0 * * *  /etc/clamscan.sh > /dev/null 2>&1

# crontab -e

下記内容記述

0 0 * * * /etc/clamscan.sh > /dev/null 2>&1

試しに下記を実行する

# /etc/clamscan.sh
clamscan start 20241208

----------- SCAN SUMMARY -----------
Known viruses: 8700973
Engine version: 1.4.1
Scanned directories: 15
Scanned files: 19
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 28.636 sec (0 m 28 s)
Start Date: 2024:12:08 10:30:42
End Date:   2024:12:08 10:31:11

# /etc/clamscan.sh

clamscan start 20241208

----------- SCAN SUMMARY -----------

Known viruses: 8700973

Engine version: 1.4.1

Scanned directories: 15

Scanned files: 19

Infected files: 0

Data scanned: 0.00 MB

Data read: 0.00 MB (ratio 0.00:1)

Time: 28.636 sec (0 m 28 s)

Start Date: 2024:12:08 10:30:42

End Date: 2024:12:08 10:31:11

/var/log/clamav/clamav.logを見ると上記と同様のログがあります

# cat /var/log/clamav/clamav.log

1	# cat /var/log/clamav/clamav.log

2. Amavis

ClamAVとPostfixを連携させるAmavisをインストールします

2.1 インストール

# cd /usr/ports/security/amavisd-new
# make config

1 2	# cd /usr/ports/security/amavisd-new # make config

オプション設定は以下のようにしました
SPAMASSASINは入れておく

# make install clean

1	# make install clean

IPv6は必要ないので項目を外す
その他はデフォルトで進めます

2.2 設定ファイル編集

amavisd.conf編集

# vi /usr/local/etc/amavisd.conf
13行目 : コメント解除
# @bypass_spam_checks_maps = (1);
@bypass_spam_checks_maps = (1);

23行目: 自ドメイン名に変更する
$mydomain = '<domain name>';

156行目 : 自ホスト名に変更
# $myhostname = 'host.example.com';
$myhostname = 'mail.<domain name>'; #自ホスト名に変更

158-159行目 : コメント解除
# $notify_method  = 'smtp:[127.0.0.1]:10025';
# $forward_method = 'smtp:[127.0.0.1]:10025';
↓
$notify_method  = 'smtp:[127.0.0.1]:10025';
$forward_method = 'smtp:[127.0.0.1]:10025';

387-390 行目 : コメント解除
# ### http://www.clamav.net/
# ['ClamAV-clamd',
#   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
#   qr/\bOK$/m, qr/\bFOUND$/m,
#   qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
↓
### http://www.clamav.net/
 ['ClamAV-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
   qr/\bOK$/m, qr/\bFOUND$/m,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],

# vi /usr/local/etc/amavisd.conf

13行目 : コメント解除

# @bypass_spam_checks_maps = (1);

@bypass_spam_checks_maps = (1);

23行目: 自ドメイン名に変更する

$mydomain = '<domain name>';

156行目 : 自ホスト名に変更

# $myhostname = 'host.example.com';

$myhostname = 'mail.<domain name>'; #自ホスト名に変更

158-159行目 : コメント解除

# $notify_method = 'smtp:[127.0.0.1]:10025';

# $forward_method = 'smtp:[127.0.0.1]:10025';

↓

$notify_method = 'smtp:[127.0.0.1]:10025';

$forward_method = 'smtp:[127.0.0.1]:10025';

387-390 行目 : コメント解除

# ### http://www.clamav.net/

# ['ClamAV-clamd',

# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],

# qr/\bOK$/m, qr/\bFOUND$/m,

# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],

↓

### http://www.clamav.net/

['ClamAV-clamd',

\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],

qr/\bOK$/m, qr/\bFOUND$/m,

qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],

2.3 Amavis 自動起動設定

# vi /etc/rc.conf
下記を記述追加
amavisd_enable="YES"

# vi /etc/rc.conf

下記を記述追加

amavisd_enable="YES"

Amavis 起動

# /usr/local/etc/rc.d/amavisd start

1	# /usr/local/etc/rc.d/amavisd start

2.4 Postfixの設定

①main.cf編集

# vi /usr/local/etc/postfix/main.cf
#最終行に追記
# Filter configuration
content_filter = smtp-amavis:[127.0.0.1]:10024

# vi /usr/local/etc/postfix/main.cf

#最終行に追記

# Filter configuration

content_filter = smtp-amavis:[127.0.0.1]:10024

➁master.cf編集

# vi /usr/local/etc/postfix/master.cf
#最終行下記を追記
# Amavis configuration
smtp-amavis unix -      -       n       -       2       smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20
127.0.0.1:10025 inet n  -       n       -       -       smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

# vi /usr/local/etc/postfix/master.cf

#最終行下記を追記

# Amavis configuration

smtp-amavis unix - - n - 2 smtp

-o smtp_data_done_timeout=1200

-o smtp_send_xforward_command=yes

-o disable_dns_lookups=yes

-o max_use=20

127.0.0.1:10025 inet n - n - - smtpd

-o content_filter=

-o local_recipient_maps=

-o relay_recipient_maps=

-o smtpd_restriction_classes=

-o smtpd_delay_reject=no

-o smtpd_client_restrictions=permit_mynetworks,reject

-o smtpd_helo_restrictions=

-o smtpd_sender_restrictions=

-o smtpd_recipient_restrictions=permit_mynetworks,reject

-o smtpd_data_restrictions=reject_unauth_pipelining

-o smtpd_end_of_data_restrictions=

-o mynetworks=127.0.0.0/8

-o smtpd_error_sleep_time=0

-o smtpd_soft_error_limit=1001

-o smtpd_hard_error_limit=1000

-o smtpd_client_connection_count_limit=0

-o smtpd_client_connection_rate_limit=0

-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

3. SpamAssassinでスパム対策

3.1 SpamAssassinインストール

Amavisをインストールした際、オプションでspamassassinを選択しなかった場合下記要領でインストールする

# cd /usr/ports/mail/spamassassin
# make install clean

1 2	# cd /usr/ports/mail/spamassassin # make install clean

# chmod 644 /usr/local/etc/mail/spamassassin/v310.pre

1	# chmod 644 /usr/local/etc/mail/spamassassin/v310.pre

3.2 設定ファイル編集

# vi /usr/local/etc/mail/spamassassin/v310.pre

24行目 : コメント解除(TextCatを有効にする)
loadplugin Mail::SpamAssassin::Plugin::DCC

# vi /usr/local/etc/mail/spamassassin/v310.pre

24行目 : コメント解除(TextCatを有効にする)

loadplugin Mail::SpamAssassin::Plugin::DCC

3.3 Spamassassin起動

# vi /etc/rc.conf

下記追加記述
spamd_enable="YES"

# vi /etc/rc.conf

下記追加記述

spamd_enable="YES"

# sa-update
# /usr/local/etc/rc.d/sa-spamd start
Starting spamd.

# sa-update

# /usr/local/etc/rc.d/sa-spamd start

Starting spamd.

3.4 SpamassAssinアップデート

アップデートスクリプトを作成する

# vi /etc/periodic/daily/620.spamassassin

下記内容を記入
#!/bin/sh

PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
cd /usr/local/etc/mail/spamassassin
wget -q https://github.com/kittyfreak/spamassassin_user_prefs/archive/refs/heads/main.zip
[ $? -ne 0 ] && exit

unzip main.zip >/dev/null 2>&1
[ $? -ne 0 ] && exit
rm -f main.zip

mv spamassassin_user_prefs-main/user_prefs .
rm -rf spamassassin_user_prefs-main

cp user_prefs local.cf
cat << EOF >> local.cf
report_safe 0
rewrite_header Subject ***SPAM***
EOF
/usr/local/etc/rc.d/sa-spamd restart > /dev/null

# vi /etc/periodic/daily/620.spamassassin

下記内容を記入

#!/bin/sh

PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin

cd /usr/local/etc/mail/spamassassin

wget -q https://github.com/kittyfreak/spamassassin_user_prefs/archive/refs/heads/main.zip

[ $? -ne 0 ] && exit

unzip main.zip >/dev/null 2>&1

[ $? -ne 0 ] && exit

rm -f main.zip

mv spamassassin_user_prefs-main/user_prefs .

rm -rf spamassassin_user_prefs-main

cp user_prefs local.cf

cat << EOF >> local.cf

report_safe 0

rewrite_header Subject ***SPAM***

EOF

/usr/local/etc/rc.d/sa-spamd restart > /dev/null

スクリプトに実行権限を付与

# chmod 755 /etc/periodic/daily/620.spamassassin

1	# chmod 755 /etc/periodic/daily/620.spamassassin

スクリプトを実行すると、実行した日時のlocal.cffが作成される

# pkg install wget

# /etc/periodic/daily/620.spamassassin

# ls -l /usr/local/etc/mail/spamassassin
total 529
-rw-r--r--  1 root wheel   1649 Dec  8 10:59 init.pre
-rw-r--r--  1 root wheel   1649 Dec  8 10:59 init.pre.sample
-rw-r--r--  1 root wheel 500636 Dec  8 11:03 local.cf
-rw-r--r--  1 root wheel   3218 Dec  8 10:59 local.cf.sample
drwx------  2 root wheel      6 Dec  8 11:02 sa-update-keys
-rw-r--r--  1 root wheel 500588 Apr 30  2023 user_prefs
-rw-r--r--  1 root wheel   2266 Dec  8 11:01 v310.pre
-rw-r--r--  1 root wheel   2267 Dec  8 10:59 v310.pre.sample
-rw-r--r--  1 root wheel   1168 Dec  8 10:59 v312.pre
-rw-r--r--  1 root wheel   1168 Dec  8 10:59 v312.pre.sample
-rw-r--r--  1 root wheel   2416 Dec  8 10:59 v320.pre
-rw-r--r--  1 root wheel   2416 Dec  8 10:59 v320.pre.sample
-rw-r--r--  1 root wheel   1237 Dec  8 10:59 v330.pre
-rw-r--r--  1 root wheel   1237 Dec  8 10:59 v330.pre.sample
-rw-r--r--  1 root wheel   1020 Dec  8 10:59 v340.pre
-rw-r--r--  1 root wheel   1020 Dec  8 10:59 v340.pre.sample
-rw-r--r--  1 root wheel   1315 Dec  8 10:59 v341.pre
-rw-r--r--  1 root wheel   1315 Dec  8 10:59 v341.pre.sample
-rw-r--r--  1 root wheel   1519 Dec  8 10:59 v342.pre
-rw-r--r--  1 root wheel   1519 Dec  8 10:59 v342.pre.sample
-rw-r--r--  1 root wheel   1266 Dec  8 10:59 v343.pre
-rw-r--r--  1 root wheel   1266 Dec  8 10:59 v343.pre.sample
-rw-r--r--  1 root wheel   1484 Dec  8 10:59 v400.pre
-rw-r--r--  1 root wheel   1484 Dec  8 10:59 v400.pre.sample
-rw-r--r--  1 root wheel   1118 Dec  8 10:59 v401.pre
-rw-r--r--  1 root wheel   1118 Dec  8 10:59 v401.pre.sample

# pkg install wget

# /etc/periodic/daily/620.spamassassin

# ls -l /usr/local/etc/mail/spamassassin

total 529

-rw-r--r-- 1 root wheel 1649 Dec 8 10:59 init.pre

-rw-r--r-- 1 root wheel 1649 Dec 8 10:59 init.pre.sample

-rw-r--r-- 1 root wheel 500636 Dec 8 11:03 local.cf

-rw-r--r-- 1 root wheel 3218 Dec 8 10:59 local.cf.sample

drwx------ 2 root wheel 6 Dec 8 11:02 sa-update-keys

-rw-r--r-- 1 root wheel 500588 Apr 30 2023 user_prefs

-rw-r--r-- 1 root wheel 2266 Dec 8 11:01 v310.pre

-rw-r--r-- 1 root wheel 2267 Dec 8 10:59 v310.pre.sample

-rw-r--r-- 1 root wheel 1168 Dec 8 10:59 v312.pre

-rw-r--r-- 1 root wheel 1168 Dec 8 10:59 v312.pre.sample

-rw-r--r-- 1 root wheel 2416 Dec 8 10:59 v320.pre

-rw-r--r-- 1 root wheel 2416 Dec 8 10:59 v320.pre.sample

-rw-r--r-- 1 root wheel 1237 Dec 8 10:59 v330.pre

-rw-r--r-- 1 root wheel 1237 Dec 8 10:59 v330.pre.sample

-rw-r--r-- 1 root wheel 1020 Dec 8 10:59 v340.pre

-rw-r--r-- 1 root wheel 1020 Dec 8 10:59 v340.pre.sample

-rw-r--r-- 1 root wheel 1315 Dec 8 10:59 v341.pre

-rw-r--r-- 1 root wheel 1315 Dec 8 10:59 v341.pre.sample

-rw-r--r-- 1 root wheel 1519 Dec 8 10:59 v342.pre

-rw-r--r-- 1 root wheel 1519 Dec 8 10:59 v342.pre.sample

-rw-r--r-- 1 root wheel 1266 Dec 8 10:59 v343.pre

-rw-r--r-- 1 root wheel 1266 Dec 8 10:59 v343.pre.sample

-rw-r--r-- 1 root wheel 1484 Dec 8 10:59 v400.pre

-rw-r--r-- 1 root wheel 1484 Dec 8 10:59 v400.pre.sample

-rw-r--r-- 1 root wheel 1118 Dec 8 10:59 v401.pre

-rw-r--r-- 1 root wheel 1118 Dec 8 10:59 v401.pre.sample

3.5 postfix再起動

# /usr/local/etc/rc.d/postfix restart
postfix/postfix-script: stopping the Postfix mail system
postfix/postfix-script: starting the Postfix mail system

# /usr/local/etc/rc.d/postfix restart

postfix/postfix-script: stopping the Postfix mail system

postfix/postfix-script: starting the Postfix mail system

3.6 スパムメールボックス作成

今回はIMAPを利用する場合

①既存ユーザー用スパムメールボックス作成
既存ユーザーをhuongとします

# bash
# mkdir -p /home/huong/Maildir/.spam/{cur,new,tmp}
# chmod -R 700 /home/huong/Maildir/.spam
# chown -R huong:huong /home/huong/Maildir/.spam
# sh

# bash

# mkdir -p /home/huong/Maildir/.spam/{cur,new,tmp}

# chmod -R 700 /home/huong/Maildir/.spam

# chown -R huong:huong /home/huong/Maildir/.spam

# sh

➁追加ユーザー用スパムメールボックス作成

# chsh -s /bin/bash
# mkdir -p /usr/share/skel/Maildir/.spam/{cur,new,tmp}
# chmod -R 700 /usr/share/skel/Maildir/.spam
# chsh -s /bin/sh

# chsh -s /bin/bash

# mkdir -p /usr/share/skel/Maildir/.spam/{cur,new,tmp}

# chmod -R 700 /usr/share/skel/Maildir/.spam

# chsh -s /bin/sh

3.7 procmailrc編集(IMAPの場合)

# vi /usr/local/etc/procmailrc

下記を記入
SHELL=/bin/sh
PATH=/bin:/usr/bin:/usr/local/bin
DROPPRIVS=yes
MAILDIR=$HOME/Maildir
DEFAULT=$MAILDIR/
SPAM=$MAILDIR/.spam/
#LOGFILE=$MAILDIR/procmail.log

:0
* ^Subject:.*=\?[Ii][Ss][Oo]-2022-[Jj][Pp]\?[Bb]\?GyRCTCQ\+NUJ6OS05cCIo
/dev/null

# ヘッダーに「X-Spam-***」がない場合 spamassassin を起動
:0fw
*!^X-Spam.*
|spamassassin

# ヘッダーに「X-Spam-Status: Yes」がある場合「.spam」ディレクトリに格納
:0
*^X-Spam-Status: Yes
$SPAM

# vi /usr/local/etc/procmailrc

下記を記入

SHELL=/bin/sh

PATH=/bin:/usr/bin:/usr/local/bin

DROPPRIVS=yes

MAILDIR=$HOME/Maildir

DEFAULT=$MAILDIR/

SPAM=$MAILDIR/.spam/

#LOGFILE=$MAILDIR/procmail.log

* ^Subject:.*=\?[Ii][Ss][Oo]-2022-[Jj][Pp]\?[Bb]\?GyRCTCQ\+NUJ6OS05cCIo

/dev/null

# ヘッダーに「X-Spam-***」がない場合 spamassassin を起動

:0fw

*!^X-Spam.*

|spamassassin

# ヘッダーに「X-Spam-Status: Yes」がある場合「.spam」ディレクトリに格納

*^X-Spam-Status: Yes

$SPAM

3.8 スパムメール学習

スパムメール学習スクリプトを作成する

# vi /etc/periodic/daily/620.sa-learn

下記を記入
#!/bin/sh

# spamフォルダをスパムとして学習
/usr/local/bin/sa-learn --spam /home/*/Maildir/.spam/cur

# Maildirフォルダを通常のメールとして学習
/usr/local/bin/sa-learn --ham /home/*/Maildir/cur

# spamフォルダ削除する場合は下記をコメント解除
#/bin/rm -f /home/*/Maildir/.spam/cur/*

# vi /etc/periodic/daily/620.sa-learn

下記を記入

#!/bin/sh

# spamフォルダをスパムとして学習

/usr/local/bin/sa-learn --spam /home/*/Maildir/.spam/cur

# Maildirフォルダを通常のメールとして学習

/usr/local/bin/sa-learn --ham /home/*/Maildir/cur

# spamフォルダ削除する場合は下記をコメント解除

#/bin/rm -f /home/*/Maildir/.spam/cur/*

3.9 スパムメール送信テスト

Thunderbirdで自分あてに空メールを送信すると受信メールのヘッダーに下記のような表示が出る

X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
Return-Path: xxxxx@korodes.com
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on Lepard
X-Spam-Level: **
X-Spam-Status: No, score=2.3 required=13.0 tests=ALL_TRUSTED,
CONTENT_TYPE_PRESENT,EMPTY_MESSAGE autolearn=no autolearn_force=no
version=4.0.1
X-Original-To: xxxxx@korodes.com
Delivered-To: xxxxx@korodes.com
Received: from lepard (localhost [127.0.0.1])
by mail.korodes.com (Postfix) with ESMTP id 6DC012925C
for xxxxx@korodes.com; Sun, 08 Dec 2024 11:12:47 +0900 (JST)
X-Virus-Scanned: amavisd-new at korodes.com
Received: from mail.korodes.com ([127.0.0.1])
by lepard (mail.korodes.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP
id 1bDaORJjFXRY for huong@korodes.com;
Sun, 8 Dec 2024 11:12:47 +0900 (JST)
Received: from [192.168.11.45] (buffalo.setup [192.168.11.1])
by mail.korodes.com (Postfix) with ESMTPSA id 513342928D
for xxxxx@korodes.com; Sun, 08 Dec 2024 11:12:47 +0900 (JST)
Message-ID: fc19537b-dd11-427c-b2a4-4f58035fb755@korodes.com
Date: Sun, 8 Dec 2024 11:12:46 +0900
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
From: huong xxxxx@korodes.com
Content-Language: en-US
To: xxxxx@korodes.com
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Subject:

Thunderbirdで本文に下記を記入し、自分あてに送信する
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

受信されずに.spamディレクトリーに隔離され、受信メールのヘッダーに下記のような表示が出る

X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on Lepard
X-Spam-Flag: YES
X-Spam-Level: ********************************************************************************
X-Spam-Status: Yes, score=1001.8 required=13.0 tests=ALL_TRUSTED,
CONTENT_TYPE_PRESENT,GTUBE,HTML_MESSAGE,MPART_ALT_DIFF,
MULTIPART_ALTERNATIVE autolearn=no autolearn_force=no version=4.0.1
X-Spam-Report:
* 0.1 ALL_TRUSTED Passed through trusted hosts only via SMTP
* -0.1 CONTENT_TYPE_PRESENT exists:Content-Type
* 0.1 MULTIPART_ALTERNATIVE Multipart/alternative
* 1000 GTUBE BODY: Generic Test for Unsolicited Bulk Email
* 0.7 MPART_ALT_DIFF BODY: HTML and text parts are different
* 1.0 HTML_MESSAGE BODY: HTML included in message

ページのトップへ